On Mon, Jun 15, 2020 at 6:23 PM Steve Grubb <sgrubb@xxxxxxxxxx> wrote: > On Friday, June 12, 2020 3:50:14 PM EDT Lakshmi Ramasubramanian wrote: > > On 6/12/20 12:25 PM, Mimi Zohar wrote: > > > The idea is a good idea, but you're assuming that "result" is always > > > errno. That was probably true originally, but isn't now. For > > > example, ima_appraise_measurement() calls xattr_verify(), which > > > compares the security.ima hash with the calculated file hash. On > > > failure, it returns the result of memcmp(). Each and every code path > > > will need to be checked. > > > > Good catch Mimi. > > > > Instead of "errno" should we just use "result" and log the value given > > in the result parameter? > > That would likely collide with another field of the same name which is the > operation's results. If it really is errno, the name is fine. It's generic > enough that it can be reused on other events if that mattered. Steve, what is the historical reason why we have both "res" and "result" for indicating a boolean success/fail? I'm just curious how we ended up this way, and who may still be using "result". -- paul moore www.paul-moore.com
